Yet another SE Asia bank hit by a SWIFT credentials hack

Cybercrooks have once again broken into the SWIFT financial transaction network and stolen money from another bank. The breach – victim and amount looted undisclosed – comes as the fallout from February’s $81m Bangladesh reserve bank cyber-heist continues to spread. The second robbery was uncovered by investigators looking …

  1. Anonymous Coward

    have to say it

    Yes, this can occur anywhere in the world (and probably has), and all these organizations need to be vigilant etc., but honestly, is it really that surprising where in the world this is occurring most egregiously? In the lands of ship breaking (a very depressing Google, don't do on a Friday).

  2. Scott Broukell

    SWIFT

    S - Software

    W - With

    I - Insider

    F - Facilitates

    T - Transactions

    That is all.

  3. Anonymous Coward

    Gobsmacked

    There's a magazine called "Data Breach Today"?? Seriously?

    I know my upper management doesn't have a subscription...

    1. Mark 85

      Re: Gobsmacked

      Think about giving them a gift subscription. Anon of course.

  4. Danny 2

    You have an inadvertent 'Swift' in there. They are a car company, a delivery company, and a sausage company, unrelated to SWIFT.

    My first week at SWIFT. First day I noticed the building had curved edges, same as Air Traffic - to deflect truck-bombs. Everyone gets a full body scan to enter and leave, to make sure nothing as big as a CD or memory stick gets in or out. There is CCTV everywhere. There is an ashtray placed on your desk, because they know in advance you smoke. You are allowed to smoke everywhere, including certain server rooms, because there is a constant updraft of ventilation that Dyson must've designed. You are not allowed anywhere near the servers you support, you have to talk operations staff through whatever minor or vital thing you want to do. Your colleagues at lunch joke that they analyse your piss and shit in the toilet for drugs. Except they aren't joking, although out of hours cannabis is permitted. You find your flat has been broken into overnight, fairly often, just to check. The mice have fingerprint readers. You are told security is everyone's prime responsibility, but when you actually check on security, you are questioned by an internal security team about your motives. There is no internet access, but the intranet tells you stuff about your hometown that you never knew. You are repeatedly warned about all the ingenious Mafia phishing and more serious threats. Your colleagues are introduced to you as 'John, from British security' and 'Paul, from French security', and these are actual state officers seconded to the role doing coding and tech support. When you have a tech support question yourself, your call goes directly to one of the world's experts - millionaires are your help-desk. They try to imprison their staff with high wages, and give you a weekly back massage.

    Outside of GCHQ and the NSA, it is the tightest security in the world. Of course their end terminals are the weakest link, that's not their responsibility. They tell an anecdote about when Saddam invaded Kuwait they dodged a bullet because the terminal there was in an unopened cupboard.

    But blaming SWIFT for end point attacks is like blaming BT for phishing scams. They are tighter than a sheep's behind at an Aberdeen game.

    1. Anonymous Coward

      @Tightest my ass

      This is the SWIFT that handed the data on bulk to the NSA, once it left their hands, their security was more theatre not security. As for no internet access, can they say the same for the US Treasury (which gets one copy)?

      SEPA takes over now, the Germans in Frankfurt. All EU Bank transactions to be handled by SEPA by October 31st this year. Which among other things will restore basic EU privacy rights to their bank transactions.

      So it's very handy, that the Panama Papers are leaked to a *German* newspaper, filtered of all US politicians, celebs, bankers, drug lords, lobbyists, corporate leaders...?! And the US-UK screams of "transparency", just at this time! If I was the suspicious kind, I would think they were trying to get access to that data (plus everything from AliPay to LinePay to Bitcoin wallets).

      Cameron won't oppose "transparency" after his dad's trust fund has been revealed (handy that it was in that data!) and UK is already pissing its own citizens'/companies' data around to everyone who asks. So UK provides the weak link there.

      @" there is a constant updraft of ventilation that Dyson must've designed"

      Funny you mentioned that, can you think how useful Dyson's transaction data is to its competitors, or to the suppliers it negotiates with?

    2. Youngdog

      They know in advance you smoke

      You probably fell for the cunning ruse of putting a 'do you smoke' question on the application form or during the on-boarding process.

  5. Anonymous Coward

    SWIFT controls....

    Actually, there is a mandatory fix to apply to resolve this issue, SWIFT spam you with emails if this hasn't been applied yet.

    It is recommended to keep the SWIFT servers segregated in a DMZ.

    SWIFT software supports RSA tokens for user authentication so that would assist in preventing these types of attacks - seen this happen elsewhere where "security" let his friends in to the secure segregated SWIFT room to install key loggers one Friday night and they went back in the following Friday. We're scuppered by the intricacies of the international payment message types and were found out when the CCTV footage was watched.

    You can get Anti money laundering software installed inline that will check every payment in/out just before it goes out the door that would likely have prevented this.

    I've seen many instances of people with SWIFT installed where their processes and ways of doing things could assist fraud but they haven't wanted to change.

    In cases I've seen, it's not SWIFT's fault but the laid back attitude of institutions that use their software.

    Anon 'coz I know a bit about SWIFT.

  6. Anonymous Coward
    Facepalm

    The elephant in the room

    "The malware ending with the extension .DLL would indicate that Alliance Access was written for Windows platforms. It will be interesting to learn if this included Windows XP platforms like the Target breach did. link

  7. Super Fast Jellyfish

    Bangladesh theft due to poor security

    According to the BBC article about this latest theft: http://www.bbc.co.uk/news/technology-36284446

    "An investigation into February's attack revealed that the cyberthieves won access to the central bank network because of poor security controls.

    The bank had no firewall, which is designed to block unauthorised access requests. It also used second-hand internet routers, which had cost $10, to connect to global financial networks"

  8. Anonymous Coward
    Facepalm

    Cybercrooks broke into SWIFT financial transaction network?

    I thought the cybercrooks had hacked the Windows computers that were hosting access onto the SWIFT financial transaction network.

  9. Anonymous Coward

    Correction for headline

    Shouldn't it be "Bank network's SWIFT to blame others, notes El Reg source"
